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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- tf NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)13 Responsive to communication(s) filed on 29 September 2004 . 
2a)H This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) M Claim(s) 1-4, 7.8. 15-23.26,27,38 and 40-44 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) I3 Claim(s) 1-4. 7.8. 15-23.26.27.38 and 40-44 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121 (d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 

3.0 Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1. Claims 1-4, 7, 8, 15-23, 26, 27, 38, 40-44 are presented for examination. 

Response to Arguments 

2. Applicant's arguments filed 09/29/2004 have been fully considered but they are not 
persuasive. 

3. As per remarks, Applicants' argued that (1) Fuh and/or Hendren do not teach or suggest a 
domain controller that receives and validates a first network access request from a user with the 
network access information maintained at the network server, cache the network access 
information, and then receive and validate a second network access request from the user with 
the network access information cached at the domain controller. 

4. As to point (1), Fuh discloses the above limitation [ i.e. network device verifies username 
and password with AAA server, updates authentication cache and verifies subsequent request ] [ 
Figures 3 and 4; 709-712, Figure 7 A; Figure 7B; Abstract; and col 12, lines 30-56 ]. 

5. As per remark, Applicants' argued that (2) Fuh discloses the authentication proxy denies 
the HTTP packet if the source IP address of the packet does not match and the authentication 
proxy makes not attempt at authentication, and Applicants concludes that Fuh does not 
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authenticate a client unless the authentication proxy has an authentication cache from which to 
authenticate the client. 

6. As to point (2), Fuh discloses the additional filtering mechanism before the caching 
authentication process as disclosed above in point (1) and this filtering mechanism is defined to 
enable the authentication proxy to bypass traffic from undesirable sites [ col 1 1, lines 28-48 ]. 

Claim Rejections - 35 USC §103 

7. The following is a quotation of 35 U.S. C 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

8. Claims 1-4, 7, 15-23, 26, 27, 38, 40-44 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Fuh et al. [ US Patent No 6,463,474 ], in view of Hendren, III [ hereinafter as 
Hendren ] [ US Patent No 6,701,415 ]. 

9. As per claim 1, Fuh discloses the invention substantially as claimed including a network 
system, comprising: 

a network server configured to maintain network access information corresponding to 
users authorized to access the network system [ 218, 220, Figure 3; and col 8, lines 28-33 ]; 
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the domain controller configured to locally administrate access to the network system [ 
i.e. network device ] [ 432, 434, 436, Figure 4; and col 3, lines 29-39 ]; and 
the domain controller further configured to: 

track individual users that request access to the network system via the domain controller 
at the remote network site[ i.e. configure path ] [ col 2, lines 32-54 ]; 

receive a first network access request from a user [ 708, Figure 7A ] and validate the first 
network access request with the network access information maintained at the network server [ 
710, Figure 7A; 728, 730, Figure 7B; and col 12, lines 30-44 ]; 

cache the network access information [ i.e. update cache ] [ col 12, lines 453-47 ]; and 

receive a second network access request from the user and validate the second network 
access request with the network access information cached at the domain controller [ i.e. 
subsequent authentication ] [ 710, 712, Figure 7A; Abstract; and col 12, lines 52-56 ]. 

Fuh does not specifically disclose 

a domain controller remotely located from the network server and communicatively 
linked with the network server. 
Hendren discloses 

a domain controller [ 124, 138, 140, Figure 8 ] remotely located from the network server 
[ 102, Figure 8 ] and communicatively linked with the network server [ Abstract; and col 2, 
lines 33-59 ]. 

It would have been obvious to a person skill in the art at the time the invention was made 
to combine the teaching of Fuh and Hendren because Hendren' s teaching would allow 
information to be cache within specific domain in efficient manner. 
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10. As per claim 2, Fuh discloses wherein the domain controller is further configured to 
cache the network access information only for the individual users that request access to the 
network system from the domain controller at the remote network site [ col 3, lines 24-28 and 
lines 39-44; and col 9, lines 15-19 ]. 

11. As per claim 3, Fuh discloses wherein the domain controller is further configured to 
update the network access information at the domain controller for the individual users that 
request access to the network system from the domain controller at the remote network site [ 
732, Figure 7B; Abstract ]. 

12. As per claim 4, Fuh discloses wherein the domain controller is further configured to 
update the network access information at the domain controller for the individual users that 
request access to the network system from the domain controller at the remote network site 
within a defined time interval [ col 4, lines 22-29; and col 14, lines 49-56 ]. 

13. As per claim 7, Fuh discloses wherein: 

the domain controller is further configured to validate the second network access request 
with the network access information cached at the domain controller if the second network 
access request is within a defined time interval [ i.e. subsequent ] [ 710, 712, Figure 7 A; 
Abstract; col 10, lines 12-24 and lines 49-58; and col 14, lines 34-56 ]. 
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14. As per claim 15, it is rejected for similar reasons as stated above in claims land 3. 
Furthermore, Fuh discloses a global information server and a remote server [ 210, 218, figure 3; 
and Abstract ]. 

15. As per claim 16, it is rejected for similar reasons as stated above in claim 14. 

16. As per claim 17, it is rejected for similar reasons as stated above in claim 7. 

17. As per claim 18, it is rejected for similar reasons as stated above in claim 1. 

18. As per claim 19, it is rejected for similar reasons as stated above in claim 7. 

19. As per claims 20 and 21, they are method claimed of claim 1, they are rejected for similar 
reasons as stated above in claim 1 . 

20. As per claim 22, Fuh discloses updating the network access information at the second site 
for the individual users that periodically request access to the network from the second network 
site [col 19, lines 40-48 ]. 

21 . As per claim 23, it is method claimed of claim 4, it is rejected for similar reasons as 
stated above in claim 4. 
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22. As per claim 26, it is method claimed of claim 7, it is rejected for similar reasons as 
stated above in claim 7. 

23. As per claim 27, it is program product claimed of claim 20, it is rejected for similar 
reasons as stated above in claim 20. 

24. As per claim 38, it is method claimed of claims 1, 3, 4, it is rejected for similar reasons as 
stated above in claims 1 , 3 and 4. 

25. As per claim 40, it is rejected for similar reasons as stated above in claim 7. 

26. As per claim 41, it is rejected for similar reasons as stated above in claims 1, 3 and 4. 

27. As per claims 42 and 43, they are rejected for similar reasons as stated above in claims 5 
and 7. 

28. As per claim 44, it is program product claimed of claim 38, it is rejected for similar 
reasons as stated above in claim 38. 
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29. Claim 8 is rejected under 35 U.S. C. 103(a) as being unpatentable over Fuh et al. [ US 
Patent No 6,463,474 ], in view of Hendren, III [ hereinafter as Hendren ] [ US Patent No 
6,701,415 ], and further in view of Ali et al. [ US Patent No 5,940,594 ]. 

30. As per claim 8, Fuh and Hendren do not specifically disclose wherein: 

the network access information comprises identifiers to indicate network group 
memberships that an individual user is a member of in the network system; and 

the domain controller is further configured to maintain user objects associated with the 
individual users that request access to the network system from the domain controller, and 
cache the identifiers to the user objects. 

Ali discloses wherein: 

the network access information comprises identifiers to indicate network group 
memberships that an individual user is a member of in the network system [ col 2, lines 3-18; 
and col 5, lines 48-55 ]; and 

the domain controller is further configured to maintain user objects associated with the 
individual users that request access to the network system from the domain controller, and 
cache the identifiers to the user objects [ Abstract; and col 2, lines 19-26 ]. 

It would have been obvious to a person skill in the art at the time the invention was made 
to combine the teaching of Fuh, Hendren and Ali because Ali's teaching would allow to better 
manage and control of access information and resources. 
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31. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 



Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Dustin Nguyen whose telephone number is (703) 305-5321 . The 
examiner can normally be reached on flex. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Follansbee John can be reached on (703) 305-8498. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Dustin Nguyen 
Examiner 
Art Unit 2154 




